Free Malware Removal Forum

Welcome to MalwareRemoval.com,What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Launch ewido, there should be a big "E" icon on your desktop, double-click it.

The program will prompt you to update click the "OK" button

The program will now go to the main screen

You will need to update ewido to the latest definition files.

On the left hand side of the main screen click update

Click on Start

The update will start and a progress bar will show the updates being installed. After the updates are installed, exit ewido.

If you are having problems with the updater, you can use this link to manually update ewido.Ewido manual updates

Once the updates are installed do the following:

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.

Reboot into Safe Mode, you can do this by restarting your computer, then contiunally tapping F8 until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter. Then, run ewido.

Close all open windows/programs/folders. Have nothing else open while ewido performs its scan!

Click on scanner

Click on Settings

Under "How to scan" all boxes should be selected

Under "Possibly unwanted software" all boxes should be selected

Under "What to scan" select scan every file

Click OK

Click on Complete system scan

Let the program scan the machine

If ewido finds anything, it will pop up a notification. NOTE: We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, AOL, pcAnywhere and the game "Risk" have been flagged. In particular, watch for alerts that have the word "Heuristic" in them - if you recognize the file name as "friendly," these may actually be false positives) select "none" as the action. DO NOT check "Perform action with all infections." If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.

Once the scan has completed, there will be a button located on the bottom of the screen named Save report.

Click Save report

Save the report to your desktop

Exit ewido

Let's look for, and delete, any program segments(prefetches) that might be present, and are associated with the 'problems' we're trying to remove from this system. To do this, let's:

1) Click "Start=>Search", then search for each of these program's base name(s), in all files and folders:

update.exe*

2) Then if any are found in the 'prefetch' folder, delete them.

Look closely, since the 'base' name will have a bunch of random numbers and letter "s" attached to it.

Below is my standard "Final Cleanup" and "All Clean" speech. Included in it are tips on how to keep your computer from being reinfected. They are simple to set up and simple to maintain, and I HIGHLY recommend that you follow them. (I use every one.)

How to use Spybot to remove Spyware=> If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Spybot. Similar to Ad-Aware, I strongly recommend both to catch most spyware

To protect yourself further:

IE/Spyad=> IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.

MVPS Hosts file=> The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.

Google Toolbar=> Get the free google toolbar to help stop pop up windows.

Use a Firewall=> I can not stress enough how important it is that you use a Firewall on your computer. For an excellent article on Firewalls, why you should use one and a some of those available, see Computer Safety On line - Software Firewalls. I recommend ZoneAlarm or Sunbelts Kerio. ZoneAlarm is more user-friendly, but Sunbelts Kerio is considered more secure.

UPDATE!-UPDATE!-UPDATE!=> This is, without a doubt, THE MOST IMPORTANT element in keeping your computer free of malware. Keep each and every one of your anti-malware tools AND Windows up-to-date with all current definitions and patches.

I also suggest that you delete your temporary files by deleting all files and folders that are in those folders (do not delete the temp folder itself), for example:

****** PLEASE READ ******it is very rewarding to see that your computer is clean. Now we urge you to stand up and be counted! Document your experience, and by doing so, launch a complaint against the makers of malware. You can make a difference. Click on the Malware Complaints icon in my signature and support our cause.

How are things running? If you are having any more problems, post back the description along with a fresh HijackThis log.

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.

Who is online

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.